[keycloak-user] Keycloak configuring SAML clients

Rafael Weingärtner rafaelweingartner at gmail.com
Tue Aug 14 10:03:11 EDT 2018


Thanks!
I tried using that, but I received an error. Now I found out why. My SP
metadata file had the following line:

> <?xml version="1.0" encoding="UTF-8"?>
>

That was breaking the parser.

On Tue, Aug 14, 2018 at 10:53 AM, John Dennis <jdennis at redhat.com> wrote:

> On 08/14/2018 09:26 AM, Rafael Weingärtner wrote:
>
>> Hello Keycloakers,
>>
>> I am trying to integrate Keycloak with an SP using SAML. I downloaded
>> Keycloak metadata using
>> https://<server>/auth/realms/<realmName>/protocol/saml/descriptor.
>> I configured this metadata in my metadata provider (for the whole
>> federation). The SPs now can see the IdP (Keycloak). How do I configure
>> Keycloak to use my federation metadata? I mean, instead of configuring
>> each client manually, Keycloak could read this descriptor file, and get
>> the keys (public keys of service providers) and URLs from there. At least
>> that is how we are used to doing it when using Shibboleth.
>>
>
> Using the Web Admin GUI, go to the relevant realm page. In the left panel
> is a "Clients" tab, click on that. On the "Clients" page click on "Create"
> in the upper right. On the "Add Client" page is an "import" box, enter your
> SP metadata there. Make sure the client protocol is set to saml.
>
>
> --
> John Dennis
>



-- 
Rafael Weingärtner
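
An added example, not part of the original thread and not Keycloak code: a Python script that splits a federation aggregate into one EntityDescriptor document per SP, serialized without the XML declaration that the message above reports as breaking the import, and lists the ACS URLs and certificate count to check before pasting each document into the "import" box. The sample metadata, entity IDs, certificate placeholder and the function name split_sp_metadata are constructed for illustration.

```python
import xml.etree.ElementTree as ET

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
DS = "http://www.w3.org/2000/09/xmldsig#"
ET.register_namespace("md", MD)  # keep readable md:/ds: prefixes on output
ET.register_namespace("ds", DS)

# Constructed sample aggregate (not real federation data).
SAMPLE = f"""<?xml version="1.0" encoding="UTF-8"?>
<md:EntitiesDescriptor xmlns:md="{MD}" xmlns:ds="{DS}">
  <md:EntityDescriptor entityID="https://sp1.example.org/shibboleth">
    <md:SPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol">
      <md:KeyDescriptor use="signing"><ds:KeyInfo><ds:X509Data>
        <ds:X509Certificate>PLACEHOLDER-CERT-BASE64</ds:X509Certificate>
      </ds:X509Data></ds:KeyInfo></md:KeyDescriptor>
      <md:AssertionConsumerService index="0"
        Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
        Location="https://sp1.example.org/Shibboleth.sso/SAML2/POST"/>
    </md:SPSSODescriptor>
  </md:EntityDescriptor>
  <md:EntityDescriptor entityID="https://idp.example.org/idp">
    <md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol"/>
  </md:EntityDescriptor>
</md:EntitiesDescriptor>"""


def split_sp_metadata(aggregate):
    """Return {entityID: {"xml", "acs", "certs"}} for every SP in the metadata."""
    # SAML metadata never needs a DTD; refuse it rather than parse entity tricks.
    if "<!DOCTYPE" in aggregate:
        raise ValueError("DOCTYPE is not allowed in SAML metadata")
    root = ET.fromstring(aggregate.encode("utf-8"))
    out = {}
    # iter() also matches the root, so a single EntityDescriptor file works too.
    for ent in root.iter(f"{{{MD}}}EntityDescriptor"):
        sp = ent.find(f"{{{MD}}}SPSSODescriptor")
        if sp is None:
            continue  # IdP or other role: not a client to import
        acs = [a.get("Location") for a in sp.findall(f"{{{MD}}}AssertionConsumerService")]
        certs = sp.findall(f".//{{{DS}}}X509Certificate")
        # encoding="unicode" serializes without an <?xml ...?> declaration.
        xml = ET.tostring(ent, encoding="unicode").strip()
        out[ent.get("entityID")] = {"xml": xml, "acs": acs, "certs": len(certs)}
    return out


if __name__ == "__main__":
    for eid, info in split_sp_metadata(SAMPLE).items():
        print(eid, info["acs"], "certs:", info["certs"])
```

Review the listed ACS URLs and certificate count against what the SP operator published before importing, since the imported document decides where Keycloak will send assertions.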

